Excluding Local Networks from Hub Mode

When Exclude local networks is enabled:

• The roaming feature is disabled. When moving to another network, the tunnel disconnects and connects again in the new network.

• If the Encryption Domain network and the local network overlap, the local network traffic is still excluded and sent to the local network in clear.

If the Office Mode IP address overlaps with the local network IP addresses, the local network traffic is not excluded.

To exclude local networks when hub mode is enabled:

1. Edit the $FWDIR/conf/trac_client_1.ttm file on the Security Gateway.

2. Add exclude_local_networks_in_hub_mode and set its value to one of these:

   • true - Local networks are excluded and users cannot change this

   • client_decide - Configured by end user in the Site Properties > Settings tab.

   • false - Feature is off.

3. Save changes.

4. Install policy on the Security Gateway.

To exclude local networks from the client:

1. Open the Remote Access client.

2. Click Site Properties > Settings tab.

3. Select Do not route traffic for local network to the Security Gateway.

4. Click OK.

   The changes is applied the next time that the user connects.